<?php
/*
 * [JINYUN!] (C)2001-2099 Jinyunweb.com
 * This is NOT a freeware, use is subject to license terms
 * $Id: 2017-12-13 03:39:35 apple $
*/
//插件权限管理。
defined('BY_JYA') or exit('error');
$_RQ['op']=$_RQ['op']?$_RQ['op']:'list';
$return=array();
if($_RQ['plugin_name']){
	$pluginname=$_SESSION['plugin_name']=$_RQ['plugin_name'];
    $_SESSION['nolegao']=intval($_RQ['nolegao']);
}
if(!$pluginname || $pluginname=='core'){
	$pluginname=$_SESSION['plugin_name']?:$_SESSION['current_plugin'];
}
if(!$pluginname || $pluginname=='core'){
	exi('请从插件进入！','error');
}
$menu_file=ROOT_PLUGIN.$pluginname.'/model/menu.php';
if(!is_file($menu_file)){
	exi('该插件不支持自定义权限！','error');
}
if($_RQ['op']=='list'){
	$params=array('uniacid'=>$_SESSION['uniacid'],'pluginname'=>$pluginname);
	$return['list']=pdo_getall('core_user_permissions_plugin',$params,array('id','uniacid','uid','pluginname'));
	foreach($return['list'] as &$v){
		$v['name']=pdo_getcolumn('core_users',array('id'=>$v['uid']),'name');
		$v['sql_perms']=pdo_getcolumn('core_user_permissions',array('uniacid'=>$_SESSION['uniacid'],'uid'=>$v['uid']),'sql_perms');
	}
	$htmls=array(
		'type'=>'list',
		'tabs'=>array(
			array('op'=>'list','title'=>'应用操作列表'),
			array('op'=>'edit','title'=>'添加应用操作'),
		),
		'list'=>array('data'=>'list','tip'=>'[<red>温馨提示</red>]:
		</br><red>修改权限后，需要退出、重新登录才生效！</red>
		</br>1、这里只是插件权限的附加；所选择的站点操作员，必须开启相应的：系统权限设置（移步：站点设置-操作员管理），否则，有些用到系统页面的地方会提示没用权限！
		</br>2、页面的操作权限设置，请移步，站点操作员的设置页面（站点设置-站点操作员设置）！
		','html_to'=>'list_html','list'=>array(
			array('name'=>'uid','title'=>'操作员ID','type'=>'string'),
			array('name'=>'name','title'=>'操作员名称','type'=>'string'),
			array('name'=>'sql_perms','title'=>'操作权限','type'=>'checkbox','options'=>'sql_perms'),
		)),
	);
	$return['sql_perms']=array('添加权限','编辑权限','删除权限','充值权限');
	$return['htmls']=$htmls;
	exi($return);
}

if($_RQ['op']=='edit'){
	$uid=intval($_RQ['id']);
	if($uid){
		$item=pdo_get('core_user_permissions_plugin',array('id'=>$uid,'uniacid'=>$_SESSION['uniacid']),array('id','uniacid','uid','permissions'));
	}else{
		$item=array();
	}
	$return['item']=$item;
	$return['user']=pdo_getall('core_users',array('uniacid'=>$_SESSION['uniacid'],'type'=>array('1','2','4')),array('id','name'),'id');
	$menu=plugin($pluginname)->menu();
	$perms=array();
	foreach($menu as $k=>$v){
		$perms[$k]['title']=$v['title'];
		$perms[$k]['list']=array();
		foreach($v['child'] as $c){
		    if(!$_SESSION['nolegao'] && $c['child']){
                foreach($c['child'] as $x){
                    $e=$x['url'];
                    $perms[$k]['list'][$e]=$x['title'];
                }
            }else{
                $e=$c['url'];
                $perms[$k]['list'][$e]=$c['title'];
            }

		}
	}
	$return['perms']=$perms;
	$htmls=array(
		'type'=>'edit',
		'post'=>'post',
		'desc'=>'插件权限管理',
		'tabs'=>array(
			array('op'=>'list','title'=>'应用操作员列表'),
			array('op'=>'edit','title'=>'添加操作员'),
		),
		'edit'=>array(
			array('type'=>'select','title'=>'选择站点操作员','name'=>'uid','options'=>'user','option_title'=>'name', 'help'=>'请先在站点设置里添加好对应站点操作员并赋予“商城”插件权限' ),	
			array('title'=>'[温馨提示]：页面的操作权限设置，请移步，站点操作员的设置页面（站点设置-操作员设置）！','type'=>'tip'),
			array('type'=>'tip','title'=>'<red>修改权限后，需要退出,重新登录才生效！</red>'),
			array('type'=>'checkbox_two','title'=>'菜单设置','name'=>'permissions','options'=>'perms','help'=>'设置子菜单权限' ),
		)
	);
	$return['htmls']=$htmls;
	exi($return);
}
if($_RQ['op']=='post'){
	$postdata=get_postdata();
	if(!$postdata['uid']){
		exi('请选择操作员！','error');
	}
	if(!$postdata['permissions']){
		exi('请设置菜单权限！','error');
	}
	$data=array_fields(array('uid','permissions'),$postdata);
	$id=intval($postdata['id']);
	//更新系统权限
	$permissions=str_array($postdata['permissions']);
	$usersys_actions=pdo_getcolumn('core_user_permissions',array('uniacid'=>$_SESSION['uniacid'],'uid'=>$postdata['uid']),'sys_actions');
	foreach($permissions as $av){
			$av=links($av);
			if($av['plugin']=='core'){
				$av['op']=$av['op']?:'';
				$sysid=pdo_getcolumn('core_permissions',array('action'=>$av['action']),'id');
				if($usersys_actions){
					$usersys_actions .=$sysid.';';
				}else{
					$usersys_actions .=';'.$sysid.';';
				}
			}
	}
	pdo_update('core_user_permissions',array('sys_actions'=>$usersys_actions),array('uniacid'=>$_SESSION['uniacid'],'uid'=>$postdata['uid']));
	if($id){
		pdo_update('core_user_permissions_plugin',$data,array('uniacid'=>$_SESSION['uniacid'],'id'=>$id));
		$message='修改成功！';
	}else{
		$data['uniacid']=$_SESSION['uniacid'];
		$data['pluginname']=$pluginname;
		pdo_insert('core_user_permissions_plugin',$data);
		$id=pdo_insertid();
		$message='添加成功！';
	}
	exi($message,'','list');
}
if($_RQ['op']=='del'){
	$id=intval($_RQ['id']);
	if($id){
		pdo_delete('core_user_permissions_plugin',array('id'=>$id,'uniacid'=>$_SESSION['uniacid']));
	}
	$del=trim($_RQ['del'],';');
	if($del){
		$del=explode(';',$del);
		foreach($del as $id){
			$id=intval($id);
			if($id){
				pdo_delete('core_user_permissions_plugin',array('id'=>$id,'uniacid'=>$_SESSION['uniacid']));
			}
		}
	}
	exi('删除成功！');
}
?>